Splunk on RPI

DanRyder · ‎11-13-2016

Hi there,

I have been looking into using the RaspberryPI (RPI) and splunk coupled with a SPAM port to monitor network traffic.

Now, I know there is only Stream and the Universal forwarder that are ported for ARM architecture.

Does this mean I have to have Splunk light/ indexer on a seperate machine - Can I get what I need out of using just the forwarder and the Stream app, or do I need the Splunk Light base too?

I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.

Many thanks for any clarification you can provide!

dcavuto_splunk · ‎11-15-2016

There is a limited distribution of the Independent Stream Forwarder available until Dec 1. Please contact your Technical Sales team to arrange for a time-limited test of this software.

ddrillic · ‎11-13-2016

The following speaks about it - Splunk Stream on a Raspberry Pi? YES!

It shows -

You said -

-- I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.

So, as you said, the preferred way is to have Splunk on a separate machine and the forwarder and the App for Stream on the Raspberry Pi machine.

Splunk on RPI

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

New in Observability Cloud - Explicit Bucket Histograms